Saturday, January 12, 2019

People
across the world are expecting major cyber-attacks against their own
country. A Pew Research survey
of more than 27,000 respondents across 26 countries shows that the
majority of people expect that sensitive national security
information will be accessed (74%), the public infrastructure will be
damaged (69%), and elections will be targeted (61%).

In
all these areas, American concerns are higher than average.
Eighty-three percent are worried about attacks on the infrastructure,
82% fear that national security information will be accessed, and 78%
expect election tampering. The breakdown within each area follows
political party associations. For example, Democrats (87%) in the
U.S. are more concerned about election tampering than Republicans
(66%).

I think the “Tell us now and then tell us when
the number changes” bit could be interesting.

On Jan. 10, 2019, Massachusetts Gov.
Charlie Baker signed legislation
that will significantly amend the state’s data breach notification
law. The amendments become effective on April 11, 2019.

One of the significant changes includes a
new requirement to provide
an offer of complimentary credit monitoring for “a period of not
less than 18 months” when the data security incident
involves a Massachusetts resident’s Social Security number. With
this new obligation, Massachusetts joins Connecticut and Delaware as
states that require an offer of complimentary credit monitoring when
the incident involves a resident’s Social Security number. There
was no update to the timing of any required individual notice
obligations, which remains “as soon as practicable and without
unreasonable delay”; but the new amendments require a rolling
notification to individuals under certain circumstances: “A
notice provided pursuant to this section shall not be delayed on
grounds that the total number of residents affected is not yet
ascertained. In such case, and where otherwise necessary
to update or correct the information required, a person or agency
shall provide additional notice as soon as practicable and without
unreasonable delay upon learning such additional information.”
Additionally, the notice to individuals must now identify the name of
the parent or affiliated corporation if the organization that
experienced a breach of security is owned by another person or
corporation.

John Wesley Hall notes a court opinion on
FourthAmendment.com
that some readers may wish to note — particularly if they are
confessing to criminal conduct in their “private” communications:

There is no Fourth Amendment issue in a
police officer posing as a false friend on social media accounts to
see defendant’s private pages he shares with others. Here,
defendant was seen wearing a gold chain taken from his robbery
victim, and it was admissible in evidence. People
v. Pride, 2019 Cal. App. LEXIS 34 (4th Dist. Jan. 11, 2019).

Not sure all that ducking and weaving is good in
the long term, but if their goal is to avoid negative headlines it
seems to be working.

Alex Jones and Infowars must provide a wide array
of documents to plaintiffs in
a Connecticut defamation lawsuit. The suit was brought by six
families of victims of the 2012 Sandy Hook Elementary School shooting
and an FBI agent swept up in conspiracy theories that the shooting
was staged.

Judge Barbara Bellis responded
Jan. 10 to objections by Jones and several affiliated companies
about the types of documents they needed to turn over during the
discovery phase of the trial.

… The lawsuit arises from Jones’s extensive
popularizing of a theory that the Sandy Hook shooting was staged
by the federal government, and that no adults nor children were
injured or killed. Rather, he put forward, so-called “crisis
actors” portrayed the various parents and relatives of murdered
students and educators in the media or appeared in video and photos
as victims.

Conspiracy theorists have harassed victims’
families, first responders, and some entirely unconnected individuals
starting within minutes of the reports coming out about the shooting.
Many affected parents, relatives, and others have had to move, often
repeatedly, to avoid letters, phone calls, and sometimes in-person
confrontations.

… the site’s conspiracy videos are still
making their way online. Some of the videos are uploaded by Infowars
fans. Other videos come from spam accounts, apparently trying to
leech views off Infowars fans. And a large subset come from smaller
Infowars-owned accounts that were unaffected by the ban.

CVs
containing sensitive info of over 202 million Chinese users left
exposed online

A security researcher has stumbled over an
unsecured MongoDB database server that contained highly detailed CVs
for over 202 million Chinese users.

… The MongoDB instance contained 854GB of
data, with 202,730,434 records in total, most of which were CVs for
Chinese users.

… Tracking down its owner has been near
impossible.

One of the researcher's followers came to the
rescue last year, when he pointed Diachenko to a now-deleted GitHub
repository that contained the source code of a web app.

The app, most likely created to scrape CVs from
legitimate job-finding portals, contained identical data structures
to the ones found in the leaky database, a clear sign it was the one
that scraped and collected the CVs.

… This is not the first time that Diachenko
finds a leaky server containing data from resume site scrapers.
Last month, he also found a similar server exposing over
66 million records that appeared to have been scraped from
LinkedIn, and later leaked via another MongoDB database.

A US food distributor that was hit by the NotPetya
cyber attack is taking legal action against its insurance company for
refusing to pay out on a $100m claim for damages caused by the hack.

Mondelez, which owns popular brands Oreo and
Cadbury, was hit by NotPetya
twice in 2017, suffering significant damage to its IT infrastructure
including hardware.

According to court papers filed in Illinois, seen
by the Financial
Times, 1,700 of Mondelez servers and 24,000 of its laptops
were rendered "permanently dysfunctional".

… Both the US and UK governments have
attributed NotPetya to Russian hackers attacking the Ukrainian
government – claims that have been denied by the Kremlin.

… Igor Baikalov, chief scientist at Securonix,
believes that there's another reason to not pay out.

"Instead of a war exclusion clause, Zurich
should have invoked a gross negligence clause, which is much easier
to prove in this case than attribution to a nation-state,
particularly considering Mondelez was hit twice by the same
ransomware," he said.

I may never leave the US again because I couldn’t
get back in! When they demand I hand over the password to my phone,
will they believe I don’t own one? I don’t use social media
either… I have such a low e-profile I must be a
Russian/Chinese/North Korean agent!

The U.S.
Border Patrol (CBP) and the TSA claim they
need to secretly spy on everyone’s social media accounts
so they can understand a person’s relationship with their friends,
family and the government.

According to a
DHS report
published last month, nothing
can stop the Border Patrol or the TSA from secretly spying on
everyone’s social media accounts.

“In order to conduct a complete
investigation, it is necessary for DHS/CBP to collect and review
large amounts of data in order to identify and understand
relationships between individuals, entities, threats and events, and
to monitor patterns of activity over extended periods of time that
may be indicative of criminal, terrorist, or other threat.”

On January 10, 2019, Advocate General Szpunar of
the Court of Justice of the European Union (CJEU) released his
opinion
regarding a 2016 enforcement action carried out by the French
Supervisory Authority (CNIL) against Google. In that case, the CNIL
ordered Google to de-reference links to webpages containing personal
data. According to the CNIL, the de-referencing had to be effective
worldwide. Google challenged the CNIL’s decision before the French
administrative court, which then referred this matter to the CJEU.

In his opinion, Advocate General Szpunar disagrees
with the CNIL’s view on a worldwide application of the “right to
be forgotten.”

Do you have an interesting perspective on Europe’s
General Data Protection Regulation or insightful information about
GDPR to share? IEEE Security and Privacy seeks articles
from scholars and practitioners from various disciplines and
countries to examine GDPR:
A Year On. Successful submissions will address (among
other topics) the GDPR’s:

• position at the intersection of law and technology;
• global impact;
• implications for global multinationals and for small and medium size enterprises;
• implementation by engineers, economists, and lawyers;
• potential macroeconomic and competitive impact; and
• effect on debates about ethics beyond the law.

Submissions are due by March 1, 2019,
with publication in November/December, 2019.

AI’s rapid advancement and innovation potential
across a range of fields is incredibly exciting. Yet a thorough and
open discussion around AI ethics, and the principles organisations
using this technology must consider, is urgently needed.

… Americans have mixed support for the
continued development of AI and overwhelmingly agree that it should
be regulated, according to a new
study from the Center for the Governance of AI and Oxford
University’s Future of Humanity Institute.

Americans place the
most trust in the US military and universities to build AI

Americans trust tech
companies and non-government organizations more than the government
to manage AI

Workers may not be
replaced by robots anytime soon, but they’ll likely face shorter
hours, lower pay, and stolen time.

When blue-collar workers go on strike, demands
such as wage increases and better hours are usually the objective.
But when nearly
8,000 Marriott International employees marched outside hotels for
two months in late 2018, one request stood out among the rest:
protection against the automated technology that’s remaking the
hotel industry.

IMDB has launched a free streaming service called
Freedive
that features dozens of movies and TV shows. And while it doesn’t
have new releases, the selection isn’t half bad, with movies like
Drive, Adaptation, Gattaca, True
Romance, Last Action Hero, Legends of the Fall,
and Panic Room as well as TV shows like Fringe, Quantum
Leap, Gilligan’s Island, Heroes, and The Bachelor.

… The service also seems to be a vehicle for
providing more exposure to a number of IMDB’s original video series
that you’ve probably never heard of. Thankfully the service
doesn’t require a
subscription.

One cool thing about the service that sets it
apart from others is that each category displays the top-rated
movies first.

Something I did on Tuesday or Wednesday caught
Canada’s attention. I have no idea what that might be, but I hope
they’re not angry!

Thursday, January 10, 2019

Those who don’t have the resources (time & treasure) to do it
right must find the resources to do it over. If I was a cruel
professor, I’d have my students read and summarize the report (no
more than 50 pages, please)

A culmination of bad system management
and undertrained IT staff, amongst other gaps, had resulted in
Singapore’s most severe cybersecurity breach last July, according
to the committee formed to review the events leading up to the
SingHealth incident.

[…]

The 454-page
report published today outlined 16 recommendations the
committee said were made in light of its findings, testimonies from
witnesses and Singapore’s Cyber Security Agency (CSA), and public
submission, as well as feedback from the Solicitor-General and key
organisations including Ministry of Health, SingHealth, and the IT
agency responsible for the local healthcare sector, Integrated Health
Information System (IHIS).

Beware “professional reporting” on Computer
Crime. Some strange claims here. A procedure for my Computer
Security students to revise. Note that they did not report a
“summer” scam until December. Maybe that’s Okay under
Napoleonic law?

The Caddo Parish School System is scammed out of
nearly $1 million in taxpayer money.

… Caddo Schools makes monthly payments to the
charter school. Over the
summer, a bank
out of Nigeria hacked into Charter Schools USA's account
and changed the banking information on file with Caddo Schools.
$988,000 was deposited into the wrong account.

… Law enforcement authorities have found much
of the nearly $1 million stolen in an international phishing scheme
against Caddo Public Schools but have not recovered the money, a
detective said Tuesday.

Nearly $714,000 has been found and frozen in U.S.
bank accounts, said Capt. Bobby Herring, a detective with the Caddo
Parish Sheriff's Office.

Authorities continue to look for an additional
$275,000.

… Caddo Schools employees reported
the theft to law enforcement authorities on Dec. 12,
Herring said. They disclosed the theft to the public only Tuesday,
in a news release.

School district spokeswoman Mary Nash-Wood said in
an interview that the delay in the notification occurred because
information regarding the scope and nature of the scam was still
being gathered.

… The school district news release said the
theft occurred when an
unknown individual fraudulently posed as an employee with
Charter Schools USA, which operates the Magnolia school. The
individual spoofed an official Charter Schools USA email account to
change banking information on file with Caddo Schools, which then
sent money to the wrong bank account.

… "There was a time in the summer where
our charter school parent company's email system was hacked into,"
Goree said.

The email account from which the communication
originated was based in a country in Africa. Sheriff's deputies
declined to disclose which country.

… A similar phishing scam targeted the
Independence Bowl in November, but the organization had safeguards
that protected it, Herring said.

… This is our new reality: cyber powers,
including China, are collecting and compiling data on private
citizens, including Americans and other nationals, not just
potentially to make a quick buck but also (and more consequentially)
to pursue national security objectives through tactics known and
still unknown—because they haven’t been deployed or developed
yet.

… But most intriguing is the possibility that
Beijing doesn’t even know why or how it might be able to
use this data set, yet nonetheless figures that it’s worth
acquiring it now, with an anticipation of putting it to use later.

Perspective. Only old folks believe that if you
see it on the Internet it must be true? Maybe we just find the fake
stuff humorous?

Older Americans are
disproportionately more likely to share fake news on Facebook,
according to a new analysis by researchers at New York and Princeton
Universities. Older users shared more fake news than younger ones
regardless of education, sex, race, income, or how many links they
shared. In fact, age predicted their behavior better than any other
characteristic — including party affiliation.

… Today’s study, published in Science
Advances, examined user behavior in the months before and
after the 2016 US presidential election.

… Across all age categories, sharing fake news
was a relatively rare category. Only 8.5 percent of users in the
study shared at least one link from a fake news site.

… But older users skewed the findings: 11
percent of users older than 65 shared a hoax, while just 3 percent of
users 18 to 29 did.

Google allowing its developers to do their own
thing for Chrome Labs can lead to cool experiments
the rest of us can play with. One of those developers, for instance,
has created a virtual Etch A Sketch for your browser. And, yes, it
works even on browsers other than Chrome, including Firefox and
Opera. Aptly called Web
A Skeb, the experiment works just like the drawing toy and is
even as tough to draw on

… The only way to draw on Web A Skeb is to
twist its dials using your mouse or trackpad, because its developer's
original purpose was to create an experiment that uses knobs for
input.

Facebook has violated Vietnam’s new
cybersecurity law by allowing users to post anti-government comments
on the platform, state media said on Wednesday, days after the
controversial legislation took effect in the communist-ruled country.

… In a statement, a Facebook spokeswoman said,
“We have a clear process for governments to report illegal content
to us, and we review all these requests against our terms of service
and local law.”

… The bounty hunter sent the number to his own
contact, who would track the phone. The contact responded with a
screenshot of Google Maps, containing a blue circle indicating the
phone’s current location, approximate to a few hundred metres.

… The bounty hunter did this all without
deploying a hacking tool or having any previous knowledge of the
phone’s whereabouts. Instead, the tracking tool relies on
real-time location data sold to bounty hunters that ultimately
originated from the telcos themselves, including T-Mobile, AT&T,
and Sprint, a Motherboard investigation has found. These
surveillance capabilities are sometimes sold through word-of-mouth
networks.

Whereas it’s common knowledge that law
enforcement agencies can track phones with a warrant to service
providers, IMSI catchers, or until recently via other companies that
sell location data such
as one called Securus, at least one company, called Microbilt, is
selling phone geolocation services with little oversight to a spread
of different private industries, ranging from car salesmen and
property managers to bail bondsmen and bounty hunters, according to
sources familiar with the company’s products and company documents
obtained by Motherboard.

Winke bought his Samsung Galaxy S8, an
Android-based device that comes with Facebook’s social network
already installed, when it was introduced in 2017. He has used the
Facebook app to connect with old friends and to share pictures of
natural landscapes and his Siamese cat – but he didn’t want to be
stuck with it. He tried to remove the program from his phone, but
the chatter proved true – it was undeletable. He found only an
option to "disable," and he wasn’t sure what that meant.

… which brings up more questions,” Winke
said in an interview. “Can they still track your information, your
location, or whatever else they do?

Matt Stoller warned back in 2012 that
insurers would increasingly induce, then force, customers to agree to
surveillance. But a
Wall Street Journal story describes how insurers and medical
providers, meaning your doctor’s employers, are actively
cooperating, so as among other things, to help Big Pharma peddle more
drugs to you.

Stoller
warned that over time, insurance companies would make it
prohibitive and eventually impossible to refuse to agree to intensive
monitoring:

Profit-driven surveillance does not start and stop with young adults.
It is, in fact, becoming pervasive. The main theme of a recent IBM
consulting document on the future of the insurance industry is how
much more money an insurance company can make if it tracks and tags
its customers. This is particularly true for auto
insurance companies, some of whom like Allstate and Progressive are
experimenting on new technologies. For instance, IBM suggests that
“A “pay-as-you-live” product would trade some location and
time-of-day privacy data for lower insurance bills overall.”

IBM is recommending these companies stick a sensor in your car,
measure where you go and when, your speed, acceleration and
deceleration, etc. The progression over time could be to withdraw
traditional insurance products, so that you won’t be able to get an
insurance product without sensors attached. As this presentation
offers, “The aforementioned rising tide of technology also empowers
insurance underwriters to bring their products closer to realtime
interaction via sensor networks and enlightened privacy
regulations.”…

California
Would Become First State to Discourage Paper Receipts Under Newly
Proposed Bill

… But he said a law is needed because many
consumers don't realize most paper receipts are coated with chemicals
prohibited in baby bottles, can't be recycled and can contaminate
other recycled paper because of the chemicals known as Bisphenol-A
(BPA) and Bisphenol-S (BPS). [Wow!
Really? Bob]

… Republican Assemblyman Brian Dahle of Bieber
said he's concerned the receipt proposal could be burdensome for
small businesses, won't save that much paper and may not be practical
in rural areas without internet connections.

In addition, "then they have your email, then
they'll be marketing to you or selling your information or it can get
into privacy issues," he said.

Scooters,
get off the sidewalk: Denver approves first big dockless change

The Denver City Council on Monday unanimously
approved revisions to the city’s regulations for dockless scooters,
which many had dismissed as archaic and confusing.

Previously, the zippy two-wheel vehicles were
supposed to stay on sidewalks in Denver, even though they can hit 15
mph. The new law says that commuter scooters should travel in bike
lanes and on low-speed roads when available.

I must assume this is a deliberate reversal of
normal procedure. What message does it send? “We don’t need no
stinking EU!”

China is Conducting
a Low and Slow Cyberwar, Attempting to Stay Under the Radar and
Maneuver the Global Economy

… The
battle for economic supremacy is primarily if not entirely being
fought in cyber. Given the West’s promise of retaliation for
anything that meets its definition of cyberwarfare, China is largely
avoiding the sort of destructive activity more usually ascribed to
Russia (such as the attack on France’s TV5Monde and Ukrainian
power companies), and North Korea (such as the attack on Sony,
and WannaCry).

… China
does not wish to provoke open conflict with the U.S.; either cyber or
kinetic. But in order to be stronger than the U.S. economically, it
must first close the gap in both business technology and military
technology. This means that its cyber operations must be
sophisticated, targeted and non-destructive.

There
are three primary targets: people, military, and critical
infrastructure.

People

People
are often defined as the weakest link in security. While this has
traction at a local level, it is people’s data that is important at
an international level. Direct access to credentials that don’t
get changed allows easy access to networks. If credentials are not
available, then personal details will often be sufficient to frame
compelling and potentially irresistible spear-phishing attacks.

Military

Military
and associated technology secrets are a traditional target for
international espionage of all categories.

Critical infrastructure

China Inc is unlikely to do anything too overt or
dramatic with U.S. critical
infrastructure – that would interfere with its long-term
strategy. But it would be naïve to think it is doing nothing. “At
a minimum, we must expect that China is seeking to map, model, and
understand how to attack U.S. critical infrastructure. Doing so
requires some level of reconnaissance,” comments TruSTAR’s Kurtz.

The National Counterintelligence and Security
Center began sending out detailed advisories, in brochure and video
forms, to companies around the country to show them how to guard
against cyber-incursions.

A federal appeals court said on Monday a Virginia
politician violated the Constitution by temporarily blocking a critic
from her Facebook page, a decision that could affect President Donald
Trump’s appeal from a similar ruling in New York.

In a 3-0 decision, the 4th U.S. Circuit Court of
Appeals said Phyllis Randall, chair of the Loudoun County Board of
Supervisors, violated the First Amendment free speech rights of Brian
Davison by banning him for 12 hours from her “Chair Phyllis J.
Randall” page.

The ban came after Davison had attended a 2016
town hall meeting, and then under his Facebook profile “Virginia
SGP” accused school board members and their relatives of corruption
and conflicts of interest.

… Circuit Judge James Wynn rejected Randall’s
argument that her Facebook page was a private website, saying the
“interactive component” was a public forum and that she engaged
in illegal viewpoint discrimination.

Giving passengers a choice takes time and effort.
Claiming that “the government made me do it” is much simpler.

What did Amtrak think was its
legal basis for requiring passengers to show ID and provide other
information, and for handing this data over to DHS components and
other police agencies for general law enforcement purposes?

When US Customs and Border Protection
(CBP) asked Amtrak to start transmitting passenger data
electronically, it described this as a request for “voluntary”
cooperation, noting
that while the law requires airlines to collect and transmit this
data to CBP, “these mandates do not currently extend to land modes
of transportation” (as they still don’t today).

Read how Amtrak took “voluntary” cooperation
and somehow morphed it into a federal mandate that was never mandated
– on Papers,
Please!

Should we worry about Jeff Bezos wandering through
our homes? Will their employees/robots look in our refrigerators to
suggest purchases?

Key By
Amazon adds garage and business delivery, new locks and Ring
compatibility

… Key is getting a whole bunch of new features
this week. In addition to the standard home and car delivery, the
company is adding Key for Garage into the mix. Using the Key app,
customers can remotely monitor the door and accept deliveries while
they’re out.

It’s a nice addition to the existing offerings,
for those looking to thwart package thieves or missed deliveries.

Kroger sees this as the future. Microsoft
provides the IT Architecture, Kroger supplies the expertise.

Microsoft and Kroger are taking a leaf out of
Amazon’s book by building futuristic “connected” grocery
stores.

… What all of this helps generate, of course,
is vast swathes of information — data on products and customer
data. Microsoft’s Azure will take care of all the backend data
storage and processing, but this wealth of data can be used by Kroger
to target ads at the customer as they waltz around the supermarket.
In addition to creating a more sophisticated shopping experience, the
initiative is all about creating additional revenue streams.

… But what is perhaps most interesting about
Kroger’s plans is that it’s packaging this as a
“retail-as-a-service” (RaaS) offering for use by other retailers
— yet another potentially gargantuan revenue stream.

Ford is building cars that "talk"
with traffic lights, road signs and pedestrians.

At CES
2019 in Las Vegas on Monday, the automaker announced plans to
start selling cars that feature this type of technology in 2022.

The technology, called cellular
vehicle-to-everything (or C-V2X for short), uses wireless signals to
share road data, such as a car's location or the color of a traffic
light, with other vehicles.

… But critics say the cost of installing the
technology will be burdensome for cash-strapped governments. Corinne
Kisner, deputy director of the National Association of City
Transportation Officials, called the expense of installing and
maintaining vehicle-to-everything technology a major concern. Many
municipalities struggle to fill their potholes, let alone install
smart city technology. She also described any
effort to require a pedestrian to carry a smartphone to guarantee
safety as a dangerous paradigm shift.

Monday, January 07, 2019

When the FBI uncovered a scammer
targeting Wegmans two years ago, agents hacked into the suspect’s
computer in an effort to learn his identity.

The hacking, approved by a judge,
involved an email and attachment that, when opened, connected the
suspect’s computer to an FBI server.

A new lawsuit in Buffalo federal court
says the Wegmans case is just one example of how the government is
now using hacking in ordinary, day-to-day investigations, and not
just in national security and foreign intelligence probes.

Read more on The
Buffalo News. They don’t seem to give the case information,
but I’m embedding the complaint, filed in federal court for the
Western District of New York, below so you can read it all for
yourself.

[From the article:]

... the suit seeks evidence of what the groups
call a "remarkable expansion of the government's surveillance
powers."

This new tool, they argue in court papers, is so
powerful and intrusive that it carries with it great risk to the
privacy and security of both the individuals being investigated and
the people around them.

"It's never before been the case that the
government can accumulate so much important and sensitive personal
information by accessing just one device," said Jonathan Manes,
director of the UB Law School's Civil Liberties and Transparency
Clinic.

I’m betting it’s not high on the “must have”
lists yet, but at least it is being mentioned.

"What happens on your iPhone stays on your
iPhone," Apple says in the message to be seen by tens of
thousands attending the Las Vegas tech show.

… The data scandals "are like Christmas
presents for us," by prompting more consumers to look for better
security, said Winston founder Richard Stokes.

"As we see more things being connected I
think that you'll definitely hear people talk about security more and
really looking at how would you secure the data," said analyst
Carolina Milanesi of Creative Strategies.

"More companies are going to take kind of a
cue from the marketing that Apple has been doing."

Millions of unwitting “sheeple” have
willingly outfitted their homes and offices with so-called “smart”
speakers like Amazon’s Alexa device, which is marketed as a
convenience assistant for getting things done simply using only your
voice. But as revealed by Justus Knight in a
recent video update to his YouTube channel, Alexa is, practically
speaking, an always-listening demon device that can monitor,
track, and record people’s conversations for blackmail purposes.

The epitome of Orwellian, Big Brother
privacy invasion, Alexa is hardly the innocuous technological
“advancement” that its proponents claim it is. Alexa is a
far-Left purveyor of “progressive” ideologies such as those
perpetuated by
Black Lives Matter (BLM). It’s also a potential snitch device
that authoritarian overlords can use to control the populations of
the world.

“In
this paper we ask: “how might we take the ideas, the methods
and the underlying philosophy behind agile software development and
explore applying them in the context of doing research — even
research that does not involve software development?” We look at
some examples of agile research methods and think about how they
might inspire the design of even better methods. We also try to
address some potential criticisms of an approach that aims to
minimize a need for Big Design Up Front by developing tighter
iteration cycles, coupled with reflection and learning as part of a
process for doing research.”

Perspective. When you can do “anything you can
imagine” with technology, you sometimes run into things you never
imagined.

Petcube
announced the second generation of its Petcube
Bites and Play cameras today, which keep your pets entertained at
home via flinging treats and laser pointers while you’re away at
work.

… Both cameras in the Bites and Play have
1080p HD video, 4x digital zoom, and night vision. Pets
can also initiate two-way “video
calls,” which are triggered when a pet sits in front
of the camera. Owners will then receive a push notification asking
if they want to accept a video call from their pet (always, of
course).

… The $10 plan comes with Smart alerts, which
uses AI to distinguish between cats, dogs, and people, and offers
audio recognition of barking and meowing to notify owners of
potentially dangerous events.

Hongkiat:
“Contextual feedback is crucial for remote teams working online to
have a fast and efficient feedback system. Asking and taking
feedback is tedious and usually happens off-context using email and
text message. There are some tools, however, that allow teams to
discuss things and collaborate online in a much better way. Web
Annotation and Markup tools help you to comment, discuss and
collaborate right on web pages or screenshots or PDFs. Such tools add
context to the content and make use of highlights, sticky notes,
comments, etc. for making discussions with context. In this post,
we’re showcasing the best yet freely available tools for contextual
feedback. These tools let you annotate, comment and discuss on the
web quickly and easily…”

The Government
Accountability Office polled four government agencies on what
they saw as the biggest threats to American security. The result was
26 threats identified by the Department of Defense, Department of
State, Department of Homeland Security and the Office of the Director
of National Intelligence.

New adversaries and private corporations. New states could arise that threaten the U.S.
Interestingly, the GAO report worries about “private corporations
obtaining resources that could grant them more influence than
states.”

Information operations. Adversaries such as Russia, China and Iran will take
advantage of social media, artificial intelligence and data crunching
to wage information warfare.

Cyber weapons. In addition to Russia and China, Iran and North
Korea are developing cyberattack capabilities that could target a
variety of systems, such as air traffic control or health care.

If you had control of all of your personal data
and all data about your activities, would that identify GDPR
violations? As raw data, that might be overwhelming. A system to
manage the data is going to be very complex. Might be fun for my
Software Architects to consider.

Microsoft
is privately testing 'Bali,' a way to give users control of data
collected about them

… The "About"
page for Bali describes it as a "new personal data bank
which puts users in control of all data collected about them.... The
bank will enable users to store all data (raw and inferred) generated
by them. It will allow the user to visualize, manage, control, share
and monetize the data."

How much should we worry about our children using
screens? It’s hard, as a parent, not to worry. Not least because
we’re constantly surrounded by doom-laden warnings about how
smartphones have “destroyed
a generation”.

… With all that in mind, it’s an enormous
relief that the Royal College of Paediatrics and Child Health (RCPCH)
has issued
new screen time guidelines that are entirely sensible and
acknowledge the weakness of the evidence. It says there
is “essentially no evidence” to support the idea that screen time
is directly toxic to health, despite wild claims in the
media. It says there is some evidence that it can displace other
activities such as exercise. But its main recommendations are simply
to ask yourselves, as a family, whether your screen time is
controlled, or whether it gets in the way of things you want to do –
family time, eating together – and to try to control your use if it
does.

With each passing year, an increasingly large
segment of the population no longer remembers images loading a single
pixel row at a time, the earsplitting sound of a 56k modem, or the
domination of web portals.

Many of the top websites in 1998 were basically
news aggregators or search portals, which are easy concepts to
understand. Today, brand touch-points are often spread out between
devices (e.g. mobile apps vs. desktop site) and a myriad of services
and sub-brands (e.g. Facebook’s constellation of apps). As a
result, the world’s biggest websites are complex, interconnected
web properties.

Today’s visualization, inspired by an earlier
work published by WaPo,
looks at which of the internet giants have evolved to stay on top,
and which have faded into internet lore.

About Me

I live in Centennial, Colorado. (I'm not actually 100 years old, but I hope to be some day.) I'm an independent computer consultant, specializing in solving problems that traditional IT personnel tend to have difficulty with... That includes everything from inventorying hardware & software, to converting systems & data, to training end-users. I particularly enjoy taking on projects that IT has attempted several times before with no success. I also teach at two local Universities: everything from Introduction to Microcomputers through Business Continuity and Security Management. My background includes IT Audit, Computer Security, and a variety of unique IT projects.